From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-853250-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 846E31384B4
	for <garchives@archives.gentoo.org>; Fri, 25 Dec 2015 10:38:18 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 16B00E0886;
	Fri, 25 Dec 2015 10:38:17 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 87850E0884
	for <gentoo-commits@lists.gentoo.org>; Fri, 25 Dec 2015 10:38:16 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 2C23134082B
	for <gentoo-commits@lists.gentoo.org>; Fri, 25 Dec 2015 10:38:14 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 81E58C88
	for <gentoo-commits@lists.gentoo.org>; Fri, 25 Dec 2015 10:38:12 +0000 (UTC)
From: "Justin Lecher" <jlec@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Justin Lecher" <jlec@gentoo.org>
Message-ID: <1451039884.15848c4175bd2c42967e5f09128a600f376febd3.jlec@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: sci-biology/t-coffee/files/, sci-biology/t-coffee/
X-VCS-Repository: repo/gentoo
X-VCS-Files: sci-biology/t-coffee/files/t-coffee-11.00-mayhem.patch sci-biology/t-coffee/files/t-coffee-11.00-set_proper_dir_permissions.patch sci-biology/t-coffee/t-coffee-11.00-r1.ebuild sci-biology/t-coffee/t-coffee-11.00.ebuild
X-VCS-Directories: sci-biology/t-coffee/ sci-biology/t-coffee/files/
X-VCS-Committer: jlec
X-VCS-Committer-Name: Justin Lecher
X-VCS-Revision: 15848c4175bd2c42967e5f09128a600f376febd3
X-VCS-Branch: master
Date: Fri, 25 Dec 2015 10:38:12 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 8dcf2a63-70e7-41dc-a740-7a5f1223d1f8
X-Archives-Hash: b674c38cfc6135b30673012ebd5f01cd

commit:     15848c4175bd2c42967e5f09128a600f376febd3
Author:     Justin Lecher <jlec <AT> gentoo <DOT> org>
AuthorDate: Fri Dec 25 10:38:04 2015 +0000
Commit:     Justin Lecher <jlec <AT> gentoo <DOT> org>
CommitDate: Fri Dec 25 10:38:04 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15848c41

sci-biology/t-coffee: Import fix for CVE-2015-8621

Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=569650

Package-Manager: portage-2.2.26
Signed-off-by: Justin Lecher <jlec <AT> gentoo.org>

 .../t-coffee/files/t-coffee-11.00-mayhem.patch     | 25 ++++++++++++++++
 ...t-coffee-11.00-set_proper_dir_permissions.patch | 35 ++++++++++++++++++++++
 ...offee-11.00.ebuild => t-coffee-11.00-r1.ebuild} |  3 ++
 3 files changed, 63 insertions(+)

diff --git a/sci-biology/t-coffee/files/t-coffee-11.00-mayhem.patch b/sci-biology/t-coffee/files/t-coffee-11.00-mayhem.patch
new file mode 100644
index 0000000..cbfeeab
--- /dev/null
+++ b/sci-biology/t-coffee/files/t-coffee-11.00-mayhem.patch
@@ -0,0 +1,25 @@
+Author: Andreas Tille <tille@debian.org>
+Last-Update: Mon, 21 Dec 2015 21:30:36 +0100
+Bug-Debian: https://bugs.debian.org/716373
+Description: Fix Mayhem issue
+ The idea behind this patch is that if there is a problem to set the HOME
+ directories no additional processes can exist and so we should *really*
+ exit.  Somehow the printf_exit() function does some logic which ends up
+ in an endless loop and thus forcing the exit will help here.
+ .
+ Unfortunately this does not solve the issue completely since inside the
+ Exit call a "Segmentation fault" happens - so some broken pointer handling
+ seems to happen somewhere before.
+
+--- a/t_coffee_source/util_lib/util.c
++++ b/t_coffee_source/util_lib/util.c
+@@ -4642,7 +4642,8 @@ char *get_home_4_tcoffee ()
+     }
+   else
+     {
+-      printf_exit (EXIT_FAILURE, stderr, "ERROR: Could not set a HOME directory.\nSet any of the following environement variables to some suitable location: HOME, HOME_4_TCOFFEE, TMP or TEMP [FATAL:%s]\n", PROGRAM);
++      fprintf(stderr, "ERROR: Could not set a HOME directory.\nSet any of the following environement variables to some suitable location: HOME, HOME_4_TCOFFEE, TMP or TEMP [FATAL:%s]\n", PROGRAM);
++      exit(EXIT_FAILURE);
+     }
+ 
+ 

diff --git a/sci-biology/t-coffee/files/t-coffee-11.00-set_proper_dir_permissions.patch b/sci-biology/t-coffee/files/t-coffee-11.00-set_proper_dir_permissions.patch
new file mode 100644
index 0000000..a3f47cd
--- /dev/null
+++ b/sci-biology/t-coffee/files/t-coffee-11.00-set_proper_dir_permissions.patch
@@ -0,0 +1,35 @@
+Author: Andreas Tille <tille@debian.org>
+Last-Update: Mon, 21 Dec 2015 21:30:36 +0100
+Bug-Debian: https://bugs.debian.org/751579
+Description: When creating subdirectories in $HOME do not
+ make these world writable but keep users umask
+
+--- a/t_coffee_source/util_lib/util.c
++++ b/t_coffee_source/util_lib/util.c
+@@ -7714,6 +7714,10 @@ int my_mkdir ( char *dir_in)
+   int a, buf;
+   char *dir;
+ 
++  static char *home = getenv ("HOME");
++  static mode_t oldmask = umask(0);
++  int change_umask = 0;
++  if (strncmp (dir_in, home, strlen(home))==0) change_umask = 1;
+ 
+   dir=(char*)vcalloc ( strlen (dir_in)+strlen (get_home_4_tcoffee())+100, sizeof (char));
+   sprintf ( dir, "%s", dir_in);
+@@ -7733,10 +7737,11 @@ int my_mkdir ( char *dir_in)
+ 
+ 	  if (access(dir, F_OK)==-1)
+ 	    {
+-		  mode_t oldmask = umask(0);
+-	      mkdir (dir, S_IRWXU | S_IRWXG | S_IRWXO);
+-	      umask(oldmask);
+-
++	      if ( change_umask == 1 ) mkdir (dir, 0777-oldmask);
++	      else {
++	        mkdir (dir, S_IRWXU | S_IRWXG | S_IRWXO);
++	        umask(oldmask);
++	      }
+ 	      if ( access (dir, F_OK)==-1)
+ 		{
+ 		  myexit(fprintf_error ( stderr, "\nERROR: Could Not Create Directory %s [FATAL:%s]", dir, PROGRAM));	}

diff --git a/sci-biology/t-coffee/t-coffee-11.00.ebuild b/sci-biology/t-coffee/t-coffee-11.00-r1.ebuild
similarity index 92%
rename from sci-biology/t-coffee/t-coffee-11.00.ebuild
rename to sci-biology/t-coffee/t-coffee-11.00-r1.ebuild
index 62e8b70..3f2861c 100644
--- a/sci-biology/t-coffee/t-coffee-11.00.ebuild
+++ b/sci-biology/t-coffee/t-coffee-11.00-r1.ebuild
@@ -31,6 +31,9 @@ src_prepare() {
 		-e '/@/s:.*;:\t:g' \
 		-e '/Linking/s:$(CC):$(CC) $(CFLAGS) $(LDFLAGS):g' \
 		-i t_coffee_source/makefile || die
+	epatch \
+		"${FILESDIR}"/${P}-mayhem.patch \
+		"${FILESDIR}"/${P}-set_proper_dir_permissions.patch
 }
 
 src_compile() {